General
-
Target
Proof of Payment.exe
-
Size
1.4MB
-
Sample
210119-zcpa6b1l82
-
MD5
630c736f4a8124225065b21a153b889d
-
SHA1
c84d8e6cd5218bdc77b5511a7b38cd94c02fa463
-
SHA256
ef9e50bbc71c2f7c213f49e413cebab25733d52f82f2197ab256471ecb3db3bf
-
SHA512
97f4b9f5d5721f8410fb57b2a97f706cef64ad2e9c10a54918dde5a8842c56a59c1cfe1b2aec2d5c889f71612d32045b8c563828eb2d3f3da9284a82227edaa3
Static task
static1
Behavioral task
behavioral1
Sample
Proof of Payment.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
Proof of Payment.exe
-
Size
1.4MB
-
MD5
630c736f4a8124225065b21a153b889d
-
SHA1
c84d8e6cd5218bdc77b5511a7b38cd94c02fa463
-
SHA256
ef9e50bbc71c2f7c213f49e413cebab25733d52f82f2197ab256471ecb3db3bf
-
SHA512
97f4b9f5d5721f8410fb57b2a97f706cef64ad2e9c10a54918dde5a8842c56a59c1cfe1b2aec2d5c889f71612d32045b8c563828eb2d3f3da9284a82227edaa3
-
NetWire RAT payload
-
Suspicious use of SetThreadContext
-